December 6, 2024 20:55 WIB | Cybersecurity Daily
Jakarta, December 6, 2024 – A significant cyberattack incident has come to light, raising concerns about the security of the subdomain vip.kompas.com. The attack, which reportedly took place on December 2, 2024, at 13:18 WIB, has been attributed to a hacker named BUAYALAUT, part of the group NOOB.
Incident Overview
- URL: https://vip.kompas.com/hi.htm
- System Details:
- Operating System: Linux
- Web Server: Nginx
- IP Address: 13.226.61.48
- Location: Hong Kong
The attackers employed a Man-in-the-Middle (MITM) technique to intercept access credentials, exploiting vulnerabilities in the system’s communication channels.
Hacker’s Motive
In an ironic twist, the hacker declared their motivation simply as:
“Heh…just for fun!”
The defacement archive of the hacked page has been uploaded and mirrored on the defacer community website DefacerID, providing a digital record of the attack.
Attack Proofs & Reports
- Defacement Archive: https://defacer.id/mirror/id/136460
- Cyber Attack Report: https://defacer.id/cyber-attack-report/136460